@exulu/backend 0.2.1 → 0.2.2

package/dist/index.cjs

@@ -194,6 +194,10 @@ var usersSchema = {
       name: "apikey",
       type: "text"
     },
+    {
+      name: "last_used",
+      type: "date"
+    },
     {
       name: "role",
       type: "reference",
@@ -202,10 +206,6 @@ var usersSchema = {
         field: "id",
         onDelete: "CASCADE"
       }
-    },
-    {
-      name: "last_used",
-      type: "date"
     }
   ]
 };
@@ -404,7 +404,61 @@ var sanitizeName = (name) => {
 };
 
 // src/postgres/init-db.ts
+var import_bcryptjs2 = __toESM(require("bcryptjs"), 1);
+
+// src/auth/generate-key.ts
 var import_bcryptjs = __toESM(require("bcryptjs"), 1);
+var SALT_ROUNDS = 12;
+async function encryptApiKey(apikey) {
+  const hash = await import_bcryptjs.default.hash(apikey, SALT_ROUNDS);
+  return hash;
+}
+var generateApiKey = async (name, email) => {
+  const { db: db2 } = await postgresClient();
+  console.log("[EXULU] Inserting default user and admin role.");
+  const existingRole = await db2.from("roles").where({ name: "admin" }).first();
+  let roleId;
+  if (!existingRole) {
+    console.log("[EXULU] Creating default admin role.");
+    const role = await db2.from("roles").insert({
+      name: "admin",
+      is_admin: true,
+      agents: []
+    }).returning("id");
+    roleId = role[0].id;
+  } else {
+    roleId = existingRole.id;
+  }
+  const newKeyName = name;
+  const plainKey = `sk_${Math.random().toString(36).substring(2, 15)}_${Math.random().toString(36).substring(2, 15)}`;
+  const postFix = `/${newKeyName.toLowerCase().trim().replaceAll(" ", "_")}`;
+  const encryptedKey = await encryptApiKey(plainKey);
+  const existingApiUser = await db2.from("users").where({ email }).first();
+  if (!existingApiUser) {
+    console.log("[EXULU] Creating default api user.");
+    await db2.from("users").insert({
+      name,
+      email,
+      super_admin: true,
+      createdAt: /* @__PURE__ */ new Date(),
+      updatedAt: /* @__PURE__ */ new Date(),
+      type: "api",
+      apikey: `${encryptedKey}${postFix}`,
+      // password: "admin", todo add this again when we implement password auth / encryption as alternative to OTP
+      role: roleId
+    });
+    console.log("[EXULU] Default api user created. Key: ", `${plainKey}${postFix}`);
+  } else {
+    console.log("[EXULU] API user with that name already exists.");
+  }
+  console.log("[EXULU] Key generated, copy and use the plain key from here, you will not be able to access it again.");
+  console.log("[EXULU] Key: ", `${plainKey}${postFix}`);
+  return {
+    key: `${plainKey}${postFix}`
+  };
+};
+
+// src/postgres/init-db.ts
 var up = async function(knex) {
   if (!await knex.schema.hasTable("roles")) {
     await knex.schema.createTable("roles", (table) => {
@@ -509,6 +563,7 @@ var up = async function(knex) {
       table.timestamp("emailVerified", { useTz: true });
       table.text("image");
       for (const field of usersSchema.fields) {
+        console.log("[EXULU] field", field);
         const { type, name, references, default: defaultValue } = field;
         if (name === "id" || name === "name" || name === "email" || name === "emailVerified" || name === "image") {
           continue;
@@ -552,9 +607,9 @@ var up = async function(knex) {
     });
   }
 };
-var SALT_ROUNDS = 12;
-async function encryptApiKey(apikey) {
-  const hash = await import_bcryptjs.default.hash(apikey, SALT_ROUNDS);
+var SALT_ROUNDS2 = 12;
+async function encryptApiKey2(apikey) {
+  const hash = await import_bcryptjs2.default.hash(apikey, SALT_ROUNDS2);
   return hash;
 }
 var execute = async () => {
@@ -578,7 +633,7 @@ var execute = async () => {
   const newKeyName = "exulu_default_key";
   const plainKey = `sk_${Math.random().toString(36).substring(2, 15)}_${Math.random().toString(36).substring(2, 15)}`;
   const postFix = `/${newKeyName.toLowerCase().trim().replaceAll(" ", "_")}`;
-  const encryptedKey = await encryptApiKey(plainKey);
+  const encryptedKey = await encryptApiKey2(plainKey);
   const existingUser = await db2.from("users").where({ email: "admin@exulu.com" }).first();
   if (!existingUser) {
     console.log("[EXULU] Creating default admin user.");
@@ -593,23 +648,9 @@ var execute = async () => {
       role: roleId
     });
   }
-  const existingApiUser = await db2.from("users").where({ email: "api@exulu.com" }).first();
-  if (!existingApiUser) {
-    console.log("[EXULU] Creating default api user.");
-    await db2.from("users").insert({
-      name: "exulu",
-      email: "admin@exulu.com",
-      super_admin: true,
-      createdAt: /* @__PURE__ */ new Date(),
-      updatedAt: /* @__PURE__ */ new Date(),
-      type: "api",
-      apikey: `${encryptedKey}${postFix}`,
-      // password: "admin", todo add this again when we implement password auth / encryption as alternative to OTP
-      role: roleId
-    });
-  }
+  const { key } = await generateApiKey("exulu", "api@exulu.com");
   console.log("[EXULU] Database initialized.");
-  console.log("[EXULU] Default api key: ", `${encryptedKey}${postFix}`);
+  console.log("[EXULU] Default api key: ", `${key}`);
   return;
 };
 
@@ -1469,13 +1510,14 @@ var import_express = require("express");
 var import_jwt = require("next-auth/jwt");
 
 // src/auth/auth.ts
-var import_bcryptjs2 = __toESM(require("bcryptjs"), 1);
+var import_bcryptjs3 = __toESM(require("bcryptjs"), 1);
 var authentication = async ({
   apikey,
   authtoken,
   internalkey,
   db: db2
 }) => {
+  console.log("[EXULU] apikey", apikey);
   if (internalkey) {
     if (!process.env.INTERNAL_SECRET) {
       return {
@@ -1543,31 +1585,38 @@ var authentication = async ({
         code: 401
       };
     }
-    const keyParts = apikey.split("/");
-    const keyName = keyParts.pop();
-    const keyValue = keyParts[0];
-    if (!keyName) {
+    const request_key_parts = apikey.split("/");
+    const request_key_name = request_key_parts.pop();
+    const request_key_last_slash_index = apikey.lastIndexOf("/");
+    const request_key_compare_value = apikey.substring(0, request_key_last_slash_index);
+    if (!request_key_name) {
       return {
         error: true,
         message: "Provided api key does not include postfix with key name ({key}/{name}).",
         code: 401
       };
     }
-    if (!keyValue) {
+    if (!request_key_compare_value) {
       return {
         error: true,
         message: "Provided api key is not in the correct format.",
         code: 401
       };
     }
-    const filtered = users.filter(({ apikey: apikey2, id }) => apikey2.includes(keyName));
+    console.log("[EXULU] users", users);
+    console.log("[EXULU] request_key_name", request_key_name);
+    console.log("[EXULU] request_key_compare_value", request_key_compare_value);
+    const filtered = users.filter(({ apikey: apikey2, id }) => apikey2.includes(request_key_name));
+    console.log("[EXULU] filtered", filtered);
     for (const user of filtered) {
-      const lastSlashIndex = user.apikey.lastIndexOf("/");
-      const compareValue = lastSlashIndex !== -1 ? user.apikey.substring(0, lastSlashIndex) : user.apikey;
-      const isMatch = await import_bcryptjs2.default.compare(keyValue, compareValue);
+      const user_key_last_slash_index = user.apikey.lastIndexOf("/");
+      const user_key_compare_value = user.apikey.substring(0, user_key_last_slash_index);
+      console.log("[EXULU] user_key_compare_value", user_key_compare_value);
+      const isMatch = await import_bcryptjs3.default.compare(request_key_compare_value, user_key_compare_value);
+      console.log("[EXULU] isMatch", isMatch);
       if (isMatch) {
         await db2.from("users").where({ id: user.id }).update({
-          lastUsed: /* @__PURE__ */ new Date()
+          last_used: /* @__PURE__ */ new Date()
         }).returning("id");
         return {
           error: false,
@@ -1576,6 +1625,12 @@ var authentication = async ({
         };
       }
     }
+    console.log("[EXULU] No matching api key found.");
+    return {
+      error: true,
+      message: "No matching api key found.",
+      code: 401
+    };
   }
   return {
     error: true,
@@ -2840,12 +2895,25 @@ var createExpressRoutes = async (app, agents, embedders, tools, workflows, conte
   });
   app.post("/items/:context", async (req, res) => {
     try {
+      console.log("[EXULU] post items");
       if (!req.params.context) {
         res.status(400).json({
           message: "Missing context in request."
         });
         return;
       }
+      if (!req.body) {
+        res.status(400).json({
+          message: "Missing body in request."
+        });
+        return;
+      }
+      if (!req.body.name) {
+        res.status(400).json({
+          message: "Missing in body of request."
+        });
+        return;
+      }
       const authenticationResult = await requestValidators.authenticate(req);
       if (!authenticationResult.user?.id) {
         res.status(authenticationResult.code || 500).json({ detail: `${authenticationResult.message}` });
@@ -3783,6 +3851,9 @@ var ExuluJobs = {
 var ExuluDatabase = {
   init: async () => {
     await execute();
+  },
+  generateApiKey: async (name, email) => {
+    return await generateApiKey(name, email);
   }
 };
 // Annotate the CommonJS export names for ESM import in node:

package/dist/index.d.cts

@@ -449,6 +449,9 @@ declare const ExuluJobs: {
 
 declare const ExuluDatabase: {
     init: () => Promise<void>;
+    generateApiKey: (name: string, email: string) => Promise<{
+        key: string;
+    }>;
 };
 
 export { type STATISTICS_TYPE as EXULU_STATISTICS_TYPE, STATISTICS_TYPE_ENUM as EXULU_STATISTICS_TYPE_ENUM, ExuluAgent, ExuluApp, authentication as ExuluAuthentication, ExuluContext, ExuluDatabase, ExuluEmbedder, ExuluJobs, queues as ExuluQueues, ExuluSource, ExuluTool, ExuluWorkflow, ExuluZodFileType };

package/dist/index.d.ts

@@ -449,6 +449,9 @@ declare const ExuluJobs: {
 
 declare const ExuluDatabase: {
     init: () => Promise<void>;
+    generateApiKey: (name: string, email: string) => Promise<{
+        key: string;
+    }>;
 };
 
 export { type STATISTICS_TYPE as EXULU_STATISTICS_TYPE, STATISTICS_TYPE_ENUM as EXULU_STATISTICS_TYPE_ENUM, ExuluAgent, ExuluApp, authentication as ExuluAuthentication, ExuluContext, ExuluDatabase, ExuluEmbedder, ExuluJobs, queues as ExuluQueues, ExuluSource, ExuluTool, ExuluWorkflow, ExuluZodFileType };

package/dist/index.js

@@ -153,6 +153,10 @@ var usersSchema = {
       name: "apikey",
       type: "text"
     },
+    {
+      name: "last_used",
+      type: "date"
+    },
     {
       name: "role",
       type: "reference",
@@ -161,10 +165,6 @@ var usersSchema = {
         field: "id",
         onDelete: "CASCADE"
       }
-    },
-    {
-      name: "last_used",
-      type: "date"
     }
   ]
 };
@@ -363,7 +363,61 @@ var sanitizeName = (name) => {
 };
 
 // src/postgres/init-db.ts
+import bcrypt2 from "bcryptjs";
+
+// src/auth/generate-key.ts
 import bcrypt from "bcryptjs";
+var SALT_ROUNDS = 12;
+async function encryptApiKey(apikey) {
+  const hash = await bcrypt.hash(apikey, SALT_ROUNDS);
+  return hash;
+}
+var generateApiKey = async (name, email) => {
+  const { db: db2 } = await postgresClient();
+  console.log("[EXULU] Inserting default user and admin role.");
+  const existingRole = await db2.from("roles").where({ name: "admin" }).first();
+  let roleId;
+  if (!existingRole) {
+    console.log("[EXULU] Creating default admin role.");
+    const role = await db2.from("roles").insert({
+      name: "admin",
+      is_admin: true,
+      agents: []
+    }).returning("id");
+    roleId = role[0].id;
+  } else {
+    roleId = existingRole.id;
+  }
+  const newKeyName = name;
+  const plainKey = `sk_${Math.random().toString(36).substring(2, 15)}_${Math.random().toString(36).substring(2, 15)}`;
+  const postFix = `/${newKeyName.toLowerCase().trim().replaceAll(" ", "_")}`;
+  const encryptedKey = await encryptApiKey(plainKey);
+  const existingApiUser = await db2.from("users").where({ email }).first();
+  if (!existingApiUser) {
+    console.log("[EXULU] Creating default api user.");
+    await db2.from("users").insert({
+      name,
+      email,
+      super_admin: true,
+      createdAt: /* @__PURE__ */ new Date(),
+      updatedAt: /* @__PURE__ */ new Date(),
+      type: "api",
+      apikey: `${encryptedKey}${postFix}`,
+      // password: "admin", todo add this again when we implement password auth / encryption as alternative to OTP
+      role: roleId
+    });
+    console.log("[EXULU] Default api user created. Key: ", `${plainKey}${postFix}`);
+  } else {
+    console.log("[EXULU] API user with that name already exists.");
+  }
+  console.log("[EXULU] Key generated, copy and use the plain key from here, you will not be able to access it again.");
+  console.log("[EXULU] Key: ", `${plainKey}${postFix}`);
+  return {
+    key: `${plainKey}${postFix}`
+  };
+};
+
+// src/postgres/init-db.ts
 var up = async function(knex) {
   if (!await knex.schema.hasTable("roles")) {
     await knex.schema.createTable("roles", (table) => {
@@ -468,6 +522,7 @@ var up = async function(knex) {
       table.timestamp("emailVerified", { useTz: true });
       table.text("image");
       for (const field of usersSchema.fields) {
+        console.log("[EXULU] field", field);
         const { type, name, references, default: defaultValue } = field;
         if (name === "id" || name === "name" || name === "email" || name === "emailVerified" || name === "image") {
           continue;
@@ -511,9 +566,9 @@ var up = async function(knex) {
     });
   }
 };
-var SALT_ROUNDS = 12;
-async function encryptApiKey(apikey) {
-  const hash = await bcrypt.hash(apikey, SALT_ROUNDS);
+var SALT_ROUNDS2 = 12;
+async function encryptApiKey2(apikey) {
+  const hash = await bcrypt2.hash(apikey, SALT_ROUNDS2);
   return hash;
 }
 var execute = async () => {
@@ -537,7 +592,7 @@ var execute = async () => {
   const newKeyName = "exulu_default_key";
   const plainKey = `sk_${Math.random().toString(36).substring(2, 15)}_${Math.random().toString(36).substring(2, 15)}`;
   const postFix = `/${newKeyName.toLowerCase().trim().replaceAll(" ", "_")}`;
-  const encryptedKey = await encryptApiKey(plainKey);
+  const encryptedKey = await encryptApiKey2(plainKey);
   const existingUser = await db2.from("users").where({ email: "admin@exulu.com" }).first();
   if (!existingUser) {
     console.log("[EXULU] Creating default admin user.");
@@ -552,23 +607,9 @@ var execute = async () => {
       role: roleId
     });
   }
-  const existingApiUser = await db2.from("users").where({ email: "api@exulu.com" }).first();
-  if (!existingApiUser) {
-    console.log("[EXULU] Creating default api user.");
-    await db2.from("users").insert({
-      name: "exulu",
-      email: "admin@exulu.com",
-      super_admin: true,
-      createdAt: /* @__PURE__ */ new Date(),
-      updatedAt: /* @__PURE__ */ new Date(),
-      type: "api",
-      apikey: `${encryptedKey}${postFix}`,
-      // password: "admin", todo add this again when we implement password auth / encryption as alternative to OTP
-      role: roleId
-    });
-  }
+  const { key } = await generateApiKey("exulu", "api@exulu.com");
   console.log("[EXULU] Database initialized.");
-  console.log("[EXULU] Default api key: ", `${encryptedKey}${postFix}`);
+  console.log("[EXULU] Default api key: ", `${key}`);
   return;
 };
 
@@ -1428,13 +1469,14 @@ import "express";
 import { getToken } from "next-auth/jwt";
 
 // src/auth/auth.ts
-import bcrypt2 from "bcryptjs";
+import bcrypt3 from "bcryptjs";
 var authentication = async ({
   apikey,
   authtoken,
   internalkey,
   db: db2
 }) => {
+  console.log("[EXULU] apikey", apikey);
   if (internalkey) {
     if (!process.env.INTERNAL_SECRET) {
       return {
@@ -1502,31 +1544,38 @@ var authentication = async ({
         code: 401
       };
     }
-    const keyParts = apikey.split("/");
-    const keyName = keyParts.pop();
-    const keyValue = keyParts[0];
-    if (!keyName) {
+    const request_key_parts = apikey.split("/");
+    const request_key_name = request_key_parts.pop();
+    const request_key_last_slash_index = apikey.lastIndexOf("/");
+    const request_key_compare_value = apikey.substring(0, request_key_last_slash_index);
+    if (!request_key_name) {
       return {
         error: true,
         message: "Provided api key does not include postfix with key name ({key}/{name}).",
         code: 401
       };
     }
-    if (!keyValue) {
+    if (!request_key_compare_value) {
       return {
         error: true,
         message: "Provided api key is not in the correct format.",
         code: 401
       };
     }
-    const filtered = users.filter(({ apikey: apikey2, id }) => apikey2.includes(keyName));
+    console.log("[EXULU] users", users);
+    console.log("[EXULU] request_key_name", request_key_name);
+    console.log("[EXULU] request_key_compare_value", request_key_compare_value);
+    const filtered = users.filter(({ apikey: apikey2, id }) => apikey2.includes(request_key_name));
+    console.log("[EXULU] filtered", filtered);
     for (const user of filtered) {
-      const lastSlashIndex = user.apikey.lastIndexOf("/");
-      const compareValue = lastSlashIndex !== -1 ? user.apikey.substring(0, lastSlashIndex) : user.apikey;
-      const isMatch = await bcrypt2.compare(keyValue, compareValue);
+      const user_key_last_slash_index = user.apikey.lastIndexOf("/");
+      const user_key_compare_value = user.apikey.substring(0, user_key_last_slash_index);
+      console.log("[EXULU] user_key_compare_value", user_key_compare_value);
+      const isMatch = await bcrypt3.compare(request_key_compare_value, user_key_compare_value);
+      console.log("[EXULU] isMatch", isMatch);
       if (isMatch) {
         await db2.from("users").where({ id: user.id }).update({
-          lastUsed: /* @__PURE__ */ new Date()
+          last_used: /* @__PURE__ */ new Date()
         }).returning("id");
         return {
           error: false,
@@ -1535,6 +1584,12 @@ var authentication = async ({
         };
       }
     }
+    console.log("[EXULU] No matching api key found.");
+    return {
+      error: true,
+      message: "No matching api key found.",
+      code: 401
+    };
   }
   return {
     error: true,
@@ -2799,12 +2854,25 @@ var createExpressRoutes = async (app, agents, embedders, tools, workflows, conte
   });
   app.post("/items/:context", async (req, res) => {
     try {
+      console.log("[EXULU] post items");
       if (!req.params.context) {
         res.status(400).json({
           message: "Missing context in request."
         });
         return;
       }
+      if (!req.body) {
+        res.status(400).json({
+          message: "Missing body in request."
+        });
+        return;
+      }
+      if (!req.body.name) {
+        res.status(400).json({
+          message: "Missing in body of request."
+        });
+        return;
+      }
       const authenticationResult = await requestValidators.authenticate(req);
       if (!authenticationResult.user?.id) {
         res.status(authenticationResult.code || 500).json({ detail: `${authenticationResult.message}` });
@@ -3742,6 +3810,9 @@ var ExuluJobs = {
 var ExuluDatabase = {
   init: async () => {
     await execute();
+  },
+  generateApiKey: async (name, email) => {
+    return await generateApiKey(name, email);
   }
 };
 export {

package/package.json

@@ -1,7 +1,7 @@
 {
     "name": "@exulu/backend",
     "author": "Qventu Bv.",
-    "version": "0.2.1",
+    "version": "0.2.2",
     "main": "./dist/index.js",
     "private": false,
     "publishConfig": {